在设计中保存自定义字段在rails 4中的用户模型

时间:2013-08-23 22:49:20

标签: ruby-on-rails ruby authentication devise ruby-on-rails-4

我制作了一个设计用户模型,并为其添加了其他字段。当我创建和帐户一切正常时,只有电子邮件,pw和pw conf。

然后,我想允许用户转到编辑页面并填写可选的附加字段。 但是,当他们提交时,一切都保存为零。

 class RegistrationsController < Devise::RegistrationsController

   before_action :configure_permitted_parameters, if: :devise_controller?

   def configure_permitted_parameters
     devise_parameter_sanitizer.for(:sign_in){ |u| u.permit(:email, :password) }
     devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about,  :email, :password, :password_confirmation)}
     devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }
   end

   def update
     self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
     if resource.update_with_password(user_params)
       if is_navigational_format?
         flash_key = update_needs_confirmation?(resource, prev_unconfirmed_email) ? :update_needs_confirmation : :updated
         set_flash_message :notice, flash_key
       end
       sign_in resource_name, resource, :bypass => true
       respond_with resource, :location => after_update_path_for(resource)
     else
       clean_up_passwords resource
       respond_with resource
     end
   end

   def user_params 
     params.require(:user).permit(:email, :password, :current_password, :password_confirmation, :name, :username, :about) 
   end
 end

我在控制台中获得此输出,

 ActiveRecord::SchemaMigration Load (0.1ms)  SELECT "schema_migrations".* FROM "schema_migrations"
 Processing by Devise::RegistrationsController#update as HTML
 Parameters: {"utf8"=>"✓", "authenticity_token"=>"EG8FtCTBohuG2uwUvIqmY7KTsmYY1nMAXqTfc0Li+eQ=", 
 "user"=>{"email"=>"a@a.com", "name"=>"Aaron", "username"=>"", "about"=>"", 
 "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "current_password"=>"[FILTERED]"}, "commit"=>"Update"}

User Load (2.2ms)  SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 1]]
Unpermitted parameters: name, username, about

但是当我在控制台中检查时(使用User.last),数据库中没有保存任何内容。我被卡住了,看了看,不知道出了什么问题......

4 个答案:

答案 0 :(得分:38)

在Rails4中我们有很强的参数,所以请

将以下行添加到application_controller.rb

before_filter :configure_devise_params, if: :devise_controller?
  def configure_devise_params
    devise_parameter_sanitizer.for(:sign_up) do |u|
      u.permit(:first_name, :last_name, :gender, :email, :password, :password_confirmation)
    end
  end

答案 1 :(得分:3)

在处理类似的事情后,我决定使用Application Controller,然后发现Devise文档在其强参数部分中相当简单,并提供了使用Application Controller的替代方法。 https://github.com/plataformatec/devise#strong-parameters

以下是适用于我的应用程序控制器的方法。

    class ApplicationController < ActionController::Base

      before_filter :configure_permitted_parameters, if: :devise_controller?

      private

      def configure_permitted_parameters
         devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about,  :email, :password, :password_confirmation)}        
         devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }          
      end

    end

这应该是相同的,它会直接覆盖Devise::RegistrationController中的方法。

    class Users::RegistrationsController < Devise::RegistrationsController

      private

      def configure_sign_up_params
        devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about,  :email, :password, :password_confirmation)}
      end

      def configure_account_update_params
        devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }
      end

    end

答案 2 :(得分:1)

首先产生新的领域。 以供参考 http://guides.rubyonrails.org/migrations.html

您是否在用户控制器参数中添加了新字段?

   def user_params
      params.require(:user).permit(:email, :password, :password_confirmation)
    end

    def sign_up_params
      params.require(:user).permit(:email, :password, :password_confirmation)
    end

在应用程序控制器中

before_filter :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation)}

    devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password, :password_confirmation)}
  end

在覆盖设计的注册表单中添加此

class Users::RegistrationsController < Devise::RegistrationsController
     skip_before_filter :verify_authenticity_token, :only => [:ipn_notification]
  def sign_up_params
      params.require(:user).permit(:email, :password, :password_confirmation)
  end

之后,在所有视图中添加新字段_form,show,edit,index。

答案 3 :(得分:1)

在Rails 4.2中,这就是我的方式。 我有应用设计的用户模型。
使用此命令&#34; rails generate devise:controllers users&#34;生成自定义控制器 我添加了&#34;用户名&#34;我的用户模型的名称属性

在我的控制器中

class Users::RegistrationsController < Devise::RegistrationsController
 before_filter :configure_sign_up_params, only: [:create]
 before_filter :configure_account_update_params, only: [:update]
 #rest of code as generated

   protected

    # If you have extra params to permit, append them to the sanitizer.
    def configure_sign_up_params
      devise_parameter_sanitizer.for(:sign_up) << :username
    end

   # If you have extra params to permit, append them to the sanitizer.
   def configure_account_update_params
     devise_parameter_sanitizer.for(:account_update) << :username
   end

在路线

devise_for :users, controllers: {registrations: "users/registrations"}